Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Browser Playwright Bridge

v1.1.0

Run Playwright scripts that reuse OpenClaw browser's login state via CDP with automatic lock-based conflict prevention.

by Sway Liu (@swaylq)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description claim: share OpenClaw browser state with Playwright via CDP and avoid conflicts. Files and instructions implement exactly that: lock file management, CDP discovery, stopping/starting Chrome with the OpenClaw user-data-dir, and a Playwright template that connects over CDP. Required resources and declared metadata are proportionate to the stated purpose.
Instruction Scope
SKILL.md and the scripts instruct the agent/user to stop the OpenClaw browser, start a standalone Chrome with the same user-data-dir, run a Playwright script, and release the lock. These actions are consistent with the purpose but are intrusive: they read/write the OpenClaw user-data directory, probe local CDP ports, and kill Chrome processes matching the CDP port. The instructions do not access remote endpoints beyond localhost; they do run local process/port discovery and process termination, which is within scope but has safety implications.
Install Mechanism
No install spec; the skill is instruction + two scripts. That is low-risk from an install perspective (nothing is automatically downloaded or written to the system by the registry). Playwright must be installed by the workspace operator (npm install playwright) — no hidden installers or external download URLs in the skill itself.
Credentials
The skill declares no required environment variables and uses optional envs (CDP_PORT, CHROME_BIN, HEADLESS). That matches its behavior: the scripts honor those env vars but do not require unrelated credentials or secrets. No external tokens/keys are requested.
Persistence & Privilege
The skill does not request always:true and does not persist configuration into other skills. However, it writes lock and PID files to /tmp and starts/kills Chrome processes while pointing Chrome at the user's OpenClaw user-data-dir (~/.openclaw/browser/openclaw/user-data). That grants scripts run under this bridge access to any cookies/session state stored in that profile — an intended feature but a meaningful privilege that warrants caution.
Assessment
This skill appears to do what it claims — manage a mutex and let Playwright reuse OpenClaw's Chrome profile — but it performs intrusive local operations. Before installing or using it:

(1) review and understand the scripts (browser-lock.sh will kill processes and start Chrome with your OpenClaw profile);
(2) do not run untrusted Playwright scripts under this bridge because they will inherit your browser cookies/sessions and can act as you in logged-in sites;
(3) consider making a disposable copy of the user-data directory or using a separate profile for automation to limit exposure;
(4) test in a non-production environment first to ensure the CDP discovery/kill logic doesn't terminate unrelated Chrome instances on your machine;
(5) if you need stricter isolation, prefer running Playwright with a separate profile or a dedicated browser instance rather than reusing OpenClaw's profile.

Like a lobster shell, security has layers — review code before you run it.
